google / atheris

Apache License 2.0

"Permission denied" when using -merge=1 #53

Closed brunokim closed 1 year ago

brunokim commented 1 year ago

I was fuzzing an interpreter using the following command successfully:

python fuzz/fuzz_interpreter.py fuzz/interpreter_corpus

I decided to attempt to minimize the corpus, writing it to a new location, using the following command:

mkdir -p fuzz/corpus/interpreter
python fuzz/fuzz_interpreter.py -merge=1 fuzz/corpus/interpreter fuzz/interpreter_corpus

And got a series of errors like

...
sh: 1: fuzz/fuzz_interpreter.py: Permission denied
MERGE-OUTER: attempt 684
sh: 1: fuzz/fuzz_interpreter.py: Permission denied
MERGE-OUTER: attempt 685
sh: 1: fuzz/fuzz_interpreter.py: Permission denied
MERGE-OUTER: the control file has 45216 bytes
MERGE-OUTER: consumed 0Mb (39Mb rss) to parse the control file
MERGE-OUTER: 0 new files with 0 new features added; 0 new coverage edges

After re-running with strace -f, I found the issue is that somewhere there's an attempt to rerun the script directly:

[pid 2581944] execve("fuzz/fuzz_interpreter.py", ["fuzz/fuzz_interpreter.py", "-artifact_prefix=fuzz/artifacts/"..., "fuzz/corpus/interpreter/", "fuzz/interpreter_corpus/", "-merge_control_file=/tmp/libFuzz"..., "-merge_inner=1"], 0x556aa3cfb5c8 /* 72 vars */) = -1 EACCES (Permissão negada)

I've set the shebang line #!/usr/bin/env python and set it to executable, and it worked (reduced from 685 samples to 242!).

If this is intended behavior, then documentation should be updated to call out this requirement, and make sure that it always includes the shebang line in examples.
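
A pre-flight check for the failure reported above, where the merge step executes the harness by its own path and gets EACCES. This is an added example, not code from the issue author or from Atheris; the function names and the three sample harness files are constructed for illustration.

```python
import os
import shutil
import stat
import sys
import tempfile

NO_EXEC = "no execute permission bit set (fix: chmod +x)"
NO_SHEBANG = "first line is not a #! shebang"


def reexec_problems(script_path):
    """List reasons why running script_path by its own path would fail."""
    problems = []
    mode = os.stat(script_path).st_mode
    if not mode & (stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH):
        problems.append(NO_EXEC)
    with open(script_path, "rb") as fh:
        first = fh.readline().decode(errors="replace").strip()
    if not first.startswith("#!"):
        problems.append(NO_SHEBANG)
        return problems
    words = first[2:].split()
    interp = words[0] if words else ""
    if not (os.path.isfile(interp) and os.access(interp, os.X_OK)):
        problems.append(f"shebang interpreter {interp!r} is not executable")
    elif os.path.basename(interp) == "env":
        # "#!/usr/bin/env python": the named program must resolve on PATH.
        target = next((w for w in words[1:] if not w.startswith("-")), None)
        if target and shutil.which(target) is None:
            problems.append(f"{target!r} not found on PATH")
    return problems


def demo():
    """Run the check on three constructed harness files (not from the issue)."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        cases = {
            "bare": ("import sys\n", 0o644),
            "shebang_only": (f"#!{sys.executable}\nimport sys\n", 0o644),
            "fixed": (f"#!{sys.executable}\nimport sys\n", 0o755),
        }
        for name, (body, mode) in cases.items():
            path = os.path.join(tmp, name + ".py")
            with open(path, "w") as fh:
                fh.write(body)
            os.chmod(path, mode)
            results[name] = reexec_problems(path)
    return results
```

Calling `reexec_problems("fuzz/fuzz_interpreter.py")` before a `-merge=1` run returns an empty list only when the script has both an execute bit and a resolvable shebang.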